Drew Wutka
DWUTKA at Marlow.com
Thu Sep 6 16:18:04 CDT 2007
One of the many reasons I use .asp and VB front ends, no direct .mdb access. IMHO, though, data integrity done only through the GUI is to easy to get around. F11 or Window --> unhide will always let someone at the database window. So if a user shouldn't be able to change data in a table, that table should be secured at the table level, not the form. (Not too mention, securing it at the table level once, makes EVERY form created have the same limitations, since the forms are going through the table. (And queries....) Drew -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Steve Schapel Sent: Thursday, September 06, 2007 3:41 PM To: Access Developers discussion and problem solving Subject: Re: [AccessD] Transactions Thanks, Drew. Well, I guess it depends on what sort of users you are dealing with. At the risk of re-hashing a discussion that has probably been done before, I think there is a distinction between functionality in the application when it is being used in the intended way, and deliberate unauthiorised attempts to circumvent the intended functionality. In terms of the original question asked by Arthur, where he wants the users to be able to add new records but not delete or edit existing records, I can open a form in design view, set the Allow Deletions and Allow Edits properties to No, and close and save the form, in less than 10 seconds. My time is valuable, so this is an important factor. If that form is the only way (apart from unauthorised hacking) for the data to be accessed, then that would be perfectly adequate in the case of all the clients who I have ever worked for. Regards Steve Drew Wutka wrote: > Show me a way to truly prevent it. It's there whether you like it or > not. Disable the Access Keys such as F11, and you just have to go > through the Window Menu. Even hiding the Access Window itself doesn't > guarantee a curious user can't get to the database window. Heck, the > code to unhide every Access window on your machine is just a few lines. > > User level security isn't hack proof (nothing is), but it is a lot > stronger then 'hiding' the database window. > -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com The information contained in this transmission is intended only for the person or entity to which it is addressed and may contain II-VI Proprietary and/or II-VI BusinessSensitve material. If you are not the intended recipient, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. You are notified that any review, retransmission, copying, disclosure, dissemination, or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited.